In recent years more than 252 million records containing sensitive information have been compromised due to security breaches in the United States, according to the Privacy Rights Clearinghouse, and the majority of these breaches derive from the loss of computer equipment. With that in mind, a group of major tech companies have agreed on common cryptographic standards for protecting data on storage across all hard disk and solid state drives as well as encryption key management applications.
The Trusted Computing Group, whose members include Fujitsu, Hitachi, Seagate, Samsung, Toshiba, Western Digital, IBM and others, announced three non-proprietary specifications. The Opal Security Subsystem Class Specification is designed for PC clients, the Enterprise Security Subsystem Class Specification is for datacenter storage, while the Storage Interface Interactions Specification focuses on the interactions between these storage devices and underlying SCSI/ATA protocols. You can read about them in full detail here.
Part of the problem with proprietary standards is that they are system-specific and that users sometimes don’t encrypt devices because they fear not being able to decrypt the data again afterwards. Ideally settling on one single encryption standard means all drive manufacturers will be able to build cheap disk encryption onto mainstream consumer storage and make it easier for user to secure the data on their computers. In fact, the three larger members of the group – Seagate, Fujitsu and Hitachi – are already producing drives that support the standard.